CVE-2024-23819
CVSS 3.1 Score 4.8 of 10 (medium)
Details
Summary
CVE-2024-23819 is a stored cross-site scripting (XSS) vulnerability affecting versions prior to 2.23.4 and 2.24.1 of GeoServer, open-source Java-based software for managing and sharing geospatial data. An authenticated administrator with workspace-level privileges can exploit this flaw to insert a malicious JavaScript payload into the GeoServer catalog. When other users view the affected MapML HTML Page, the payload executes in their browser, potentially leading to unintended actions or data exposure. The attack requires the MapML extension to be installed and the attacker to have access to the MapML HTML Page; data security measures may limit the attack surface. Versions 2.23.4 and 2.24.1 include a patch that mitigates this issue.
Affected Products
- GeoServer
Affected Vendors
- GeoServer